Security on Car Keys Can Be Unlocked, Team Says

Researchers say they cracked the code. But the system's developer says the system is safe.

BALTIMORE — Researchers said Saturday that they had found a way to crack the code used in millions of car keys, a development they said could allow thieves to bypass the security systems on newer car models.

The research team at Johns Hopkins University said it discovered that the "immobilizer" security system developed by Texas Instruments could be cracked using a "relatively inexpensive electronic device" that acquired information hidden in the microchips that made the system work.

The radio-frequency security system being used in more than 150 million new Fords, Toyotas and Nissans involves a transponder chip embedded in the key and a reader inside the car. If the reader does not recognize the transponder, the car will not start, even if the key inserted in the ignition is the correct one.

It's similar to the new gasoline purchase system in which a reader inside the gas pump recognizes a key-chain tag when the tag is waved in front of it. The transaction is then charged to the tag owner's credit card.

Researchers said they were able to crack that code, too.

"We stole our own car, and we bought gas stealing from our own credit card," said Avi Rubin, a professor at Johns Hopkins who led the research team.

Texas Instruments was recently given demonstrations of the team's code-cracking capabilities, but the company said its system was secure.

Tony Sabetti, a business manager with Texas Instruments, said the hardware used to crack the codes was cumbersome, expensive and not practical for common thieves.

"I think the way in which it's presented as being inexpensive to do and quick and all the rest of that is an exaggeration," Sabetti said. "And because of that, we believe the technology still is extremely secure for the applications that it's used in."

But Rubin said the code-breaking demonstrations illustrated that developers did not pay enough attention to security.

"I think the implications are that it sets us back about 10 years ago where we were with car security," Rubin said.

In the seven years the technology has been in use, Texas Instruments has never had a reported incident where a car has been stolen or a gasoline purchasing tag has been duplicated, spokesman Bill Allen said.

The Johns Hopkins team, which was funded by RSA Security Inc. in Bedford, Mass., recommended distributing free metallic sheaths to cover the radio frequency devices when they were not being used.